AssuranceSOC 1 / SOC 2 & ISO 27001
Readiness assessments and audit support delivered in partnership with our CPA firm partners, run on Fieldguide — a modern audit automation platform. We scope, prepare, and support your organization through every step of the engagement, from control design through final report.
SOC 1 Type I & IISOC 2 Type I & IIISO 27001ISO 42001Fieldguide
LeadershipFractional CIO, CISO & CTO
Senior technology, security, and engineering leadership on a fractional basis — available full-time equivalent or part-time, scoped to your needs. Our principals have served as CISO, CIO, and CTO for organizations from Silicon Valley SaaS startups to national healthcare networks.
StrategyBoard ReportingVendor ManagementProgram Execution
OperationsIT & Security Operations
Full-scope managed IT and security operations for organizations in transition — identity, endpoint, M365 administration, and incident response. We step in where capacity or expertise gaps exist and build toward sustainable internal capability.
Identity & AccessEndpointM365Incident Response
RiskRisk Assessments
Tailored security risk and maturity assessments mapped to the frameworks that matter for your business and your customers. We deliver actionable findings, not voluminous reports — prioritized by business impact and paired with a remediation roadmap.
NIST CSFNIST 800-171CIS ControlsCustom Frameworks
OffensePenetration Testing
Offensive security and penetration testing to find weaknesses before adversaries do. We deliver findings your engineering team can act on, with clear severity ratings, evidence, and remediation guidance — not just a list of CVEs.
Network TestingWeb App TestingSocial EngineeringRed Team
PrivacyPrivacy & Compliance
HIPAA/HITECH, GDPR, PCI-DSS, and NIST 800-171 compliance programs for healthcare, fintech, and government-adjacent businesses. We map obligations to controls, identify gaps, and help you build a compliance posture that scales.
HIPAA / HITECHGDPRPCI-DSSNIST 800-171State Privacy Laws